--- Urlader/Urlader.pm	2012/01/09 14:08:28	1.6
+++ Urlader/Urlader.pm	2012/02/06 21:57:48	1.7
@@ -395,6 +395,12 @@
 
 =back
 
+=head1 SECURITY CONSIDERATIONS
+
+The urlader executable itself does not support setuig/setgid operation, or
+running with elevated privileges - it does no input sanitisation, and is
+trivially exploitable.
+
 =head1 AUTHOR
 
  Marc Lehmann <schmorp@schmorp.de>